Lưu trữ cho từ khóa: crypto hack

Altcoin

Decentralized crypto exchange Nexera halts trading following $1.5m exploit

Để lại phản hồi

Multi-chain decentralized trading platform Nexera has suffered a $1.5 million exploit, forcing it to stop all trading operations.

Decentralized crypto exchange Nexera — also known as AllianceBlock Nexera — has fallen victim to a hacker attack, resulting in a loss of $1.5 million worth of liquidity. The breach was first reported by blockchain forensic firm Cyvers through a post on X, which flagged a “suspicious transaction” involving Nexera’s proxy contract.

According to Cyvers, the attacker managed to gain control over Nexera’s proxy contract, subsequently upgrading it with new permissions. This allowed the hacker to utilize the withdraw admin function to transfer all NXRA tokens. Cyvers says the hacker is actively selling all the exchange’s liquidity for Ethereum (ETH), and some of the funds “have already been bridged to the BNB chain.”

Shortly following the attack, the Nexera team confirmed the exploit in a separate X post, saying the team is “investigating an exploit involving smart contracts containing NXRA tokens.” While the exact nature of the hack remains unclear, the NXRA token contract has been paused, with trading halted as the exchange’s team is still finalizing its “findings.”

“We continue to investigate the exploit now and will come back here ASAP with follow-up steps. Thank you for your understanding and patience while we sort this out with the utmost priority.”

Nexera

Nexera, established in 2018 by Rachid Ajaja and Matthijs de Vries, facilitates trading between the Ethereum network and the Arbitrum layer-2 solution. The platform’s native token, NXRA, is used for various functions including transaction fees and rewards within the ecosystem. Following the news of the exploit, the value of NXRA plummeted by over 40%, now trading at $0.037, per data from crypto.news.

Tổng hợp và chỉnh sửa: ThS Phạm Mạnh Cường
Theo Crypto News

Altcoin

Hackers use stolen funds to buy ETH amid price crash

Để lại phản hồi

As the price of ETH dropped over 20% on Aug. 30, hackers were seen leveraging the opportunity to buy the dip using stolen crypto.

According to blockchain security firm PeckSheild, the perpetrators behind the 2021 hack on Binance Smart Chain-based defi protocol Pancake Bunny bought 2.922K ETH for 7.8M DAI.

The defi protocol was exploited in a 2021 flash loan attack, in which $46 million worth of its tokens were siphoned off and swapped for tokens like BNB, USDT, and DAI. The attack caused the price of the project’s native token, BUNNY, to crash.

Last month, the exploiter’s address returned from dormancy and transferred 1,002 Ether to crypto mixer Tornado Cash. The service allows bad actors to make tracing of funds difficult for authorities. 

At the time, the attacker’s wallet reportedly held $11.4 million of Dai (DAI).

Similarly, the attackers behind the $200 million hack of cross-chain token bridge Nomad have also acquired ETH, according to analytics firm Lookonchain.

Nomad Bridge allowed users to send funds across multiple blockchains. The attack stemmed from a vulnerability in the smart contract where tokens sent via the bridge are initially deposited. 

On August 30, 2024, the attacker spent 39.75 million DAI to acquire 16,892 ETH before moving them through Tornado Cash in a series of transactions for 100 ETH each. In total, the attacker moved approximately 2400 ETH to the privacy mixer.

Over the years, the attacker has moved the stolen assets on multiple occasions, with over $1.5 million laundered via Tornado Cash in January 2023. Prior to that, $7.5 million was moved to an unknown address.

As of publication time, one of the Nomad bridge attacker’s wallets held just over 14,500 ETH valued at over $33 million.

The recent moves come as ETH recorded its largest drop in 2024, presenting a lucrative buying opportunity. According to analysts, the cryptocurrency has lost key support levels, and the price is expected to dip even further. 

The price drop came as the broader crypto market saw over $1 billion in liquidations recorded in 24 hours.

Tổng hợp và chỉnh sửa: ThS Phạm Mạnh Cường
Theo Crypto News

Bitcoin

Bitfinex hacker ‘Razzlekhan’ reportedly spotted at Bitcoin 2024

Để lại phản hồi

Heather Morgan, convicted for her role in the Bitfinex hack involving 120,000 BTC, was reportedly seen at the recent Bitcoin 2024 conference in Nashville.

The Bitcoin 2024 conference held in Nashville, Tennessee, featured not only high-profile political figures and entrepreneurs but also some questionable attendees. Reports indicate that Heather Morgan — also known as Razzlekhan — was spotted at the conference, though her reasons for attending remain unclear.

In an X post on Jul. 28, Jameson Lopp, the co-founder of Bitcoin security provider Casa, revealed that he had “crossed paths” with Morgan in Nashville last week, adding that people told him she “has been spotted at multiple Bitcoin events over the past year.”

“It’s extremely suspicious that she is still walking free and hasn’t been sentenced for her crimes.”

Jameson Lopp

Morgan gained notoriety in the crypto space due to her involvement in the 2016 Bitfinex hack, which resulted in the loss of approximately 120,000 BTC, one of the largest crypto thefts in history. In early 2022, Morgan and her husband, Ilya Lichtenstein, were arrested and charged with conspiracy to launder the stolen crypto.

According to the U.S. Justice Department, while Morgan was not directly involved in the hacking itself — an act carried out by Lichtenstein — she pleaded guilty to a money laundering conspiracy involving the stolen BTC. Lichtenstein also pleaded guilty to conspiracy to commit money laundering.

Morgan and Lichtenstein face multi-year prison time, with potential sentences of up to 25 years for their charges of conspiracy to commit money laundering and conspiracy to defraud the U.S. Nonetheless, Morgan was granted release under house arrest on a $3 million bail, whereas Lichtenstein remains in jail pending trial.

Subsequently, Morgan was granted permission to leave house arrest three days a week for work. Reports indicate that she now positions herself as a “web3 advisor.”

Tổng hợp và chỉnh sửa: ThS Phạm Mạnh Cường
Theo Crypto News

DeFi

Casper Network says security breach contained, network still halted

Để lại phản hồi

Blockchain platform Casper Network announced to the community that a “significant security breach” that occurred yesterday has been contained.

Casper Network suspends operations

In an X post today, July 28, the team behind the Casper Network (CSPR) announced that it is still resolving the issue, but that the security breach has been contained. The blockchain network’s official X account also promised further updates within the day. The post from today also notes that “a solution is being worked on.”

Yesterday, July 27, Casper Network — which currently has a market capitalization of just over $230 million — announced to the community on X that the chain had suffered a breach and that network activity had been halted.

However, trading of CSPR, the native cryptocurrency of the Casper Network, continues on exchanges despite the blockchain network’s suspension of operations. CSPR is down more than 15% over the past week.

CSPR 4-hour price chart, July 21-28 | Source: crypto.news

Other recent crypto hacks

Earlier this month, Indian cryptocurrency exchange WazirX suffered a hack that resulted in the loss of user funds exceeding $230 million. Yesterday, the exchange announced a controversial “socialized” user compensation program that would let affected users recover at least some of their stolen funds.

As crypto.news previously reported, last year, crypto platforms and users lost a total of $1 billion from various hacks and breaches.

Tổng hợp và chỉnh sửa: ThS Phạm Mạnh Cường
Theo Crypto News

Công nghệ

Resonance Security unveils new tool for web3 websites to combat DNS manipulation

Để lại phản hồi

Blockchain security firm Resonance Security is rolling out a new tool to help web3 protocols defend against DNS and CDN manipulations.

Resonance Security has developed a new tool designed to capture continuous snapshots of the web state, including DNS records and scripts of crypto websites in a bid to detect unauthorized modifications in real-time.

According to a press release shared with crypto.news, the new tool called “Harmony” will enable crypto investors to detect early CDN hijackings and DNS manipulations, tactics increasingly exploited by malicious actors to create fraudulent websites and steal personal information.

Resonance Security chief executive Charles Dray says the solution will help projects avoid DNS takeovers and “keep their sensitive assets from being exposed to black-hat hacking groups.”

“The goal is to keep any organization’s cybersecurity strategies in tune with continuously evolving cyberattacks.”

Charles Dray

DNS hijacking has recently emerged as a favored attack vector among cybercriminals. Recent incidents involving compromised domains, such as those affecting protocols Celer Network and Compound Finance, underscore the vulnerability of crypto websites to such attacks. While the exact extent of the attack remains uncertain, security experts believe that approximately 11 platforms, including Pendle Finance, Polymarket, and THORChain, might still remain potential targets.

Paradigm’s anonymous researcher under the alias “samczsun” suggested that the hacks are believed to have originated from Google Domains accounts associated with these protocols. Last year, Squarespace acquired Google Domains in a deal valued at $180 million.

Resonance Security says the company’s latest solution utilizes artificial intelligence to assess results and eliminate false positives to “minimize research time for both the customer and Resonance’s incident response team.”

Tổng hợp và chỉnh sửa: ThS Phạm Mạnh Cường
Theo Crypto News

DeFi

Rho Markets attacker offers to return funds, says incident not a hack

Để lại phản hồi

Blockchain sleuth ZachXBT says the attacker who took funds from Scroll-supported lending protocol Rho Markets is willing to return all funds.

Specifically, the attacker has written an on-chain message committing to returning all funds, claiming theirs wasn’t an exploit or hack. In a post after the incident, blockchain investigator ZachXBT noted that the attacker appeared to be a grey or white hat and that the funds could be recovered. The exploiter has a lot of exposure on centralized exchanges, ZachXBT noted.

Not long after, the attacker communicated with Rho via an on-chain message.

The message read:

‘Our MEV bot has profited from a configuration error in Rho Markets’ price oracle. We understand these funds belong to users and are willing to return them in full. However, we first want you to acknowledge that this was not an exploit or hack, but a configuration mistake on your part. Additionally, please inform us of the measures you will take to prevent such incidents in the future,” they wrote.

Rho Markets pauses platform amid investigation

Earlier on Monday, blockchain security firm Cyvers Alerts noted that Rho Markets had suffered an attack that impacted the protocol’s USDC and USDT pools.

From the incident, the attacker managed to move $7.6 million in user funds, with these held on several chains.

Rho and Scroll, an Ethereum Layer 2 protocol, confirmed the attack, noting “unusual activity. As they commenced investigations, the Rho Markets team announced a pause to the network.

“The platform functions will be enabled again once everything returns to normal. Thank you for your understanding and patience,” Rho Markets wrote.

Tổng hợp và chỉnh sửa: ThS Phạm Mạnh Cường
Theo Crypto News

Pháp Lý

Kraken, Coinbase form blockchain council to develop crypto security standards

Để lại phản hồi

Crypto exchanges Coinbase and Kraken, along with blockchain firms like Fireblocks, have established a new council aimed at addressing emerging threats like contract exploitation.

American crypto trading giants Kraken and Coinbase have co-founded a new non-profit organization aimed at safeguarding the industry from emerging security threats by developing a “consensus of agreed upon standards.”

In a Wednesday blog announcement, Kraken said the new organization, called the Blockchain Security Standards Council (BSSC), will seek to establish “uniform security standards” to drive confidence in the industry. The council’s founding team also includes Coinbase, Anchorage Digital, Bastion, Figment, Fireblocks, Halborn, OpenZeppelin, Ribbit Capital, and Sentinel Global.

Kraken says all firms in the BSSC are committed to developing “industry security benchmarks and a robust audit process by the end of 2024.” For instance, the BSSC will focus on addressing threats such as fraud, nation-state targeted campaigns, and protocol and contract exploitation.

Besides addressing security issues, the council will also seek to engage with regulators to ensure the sector develops “unified standards that protect consumers while nurturing innovation in the asset class,” the announcement reads.

For Coinbase and Kraken, this is not their first venture into forming councils. In 2019, both platforms co-founded the Crypto Ratings Council to clarify which tokens could be traded without regulatory oversight. Despite these efforts, the council failed to shield Coinbase and Kraken from lawsuits filed by the U.S. Securities and Exchange Commission in 2023, which alleged that both companies violated securities laws.

Tổng hợp và chỉnh sửa: ThS Phạm Mạnh Cường
Theo Crypto News

Bitcoin

DMM Bitcoin to raise $320m to pay back victims of recent hack

Để lại phản hồi

The Japanese crypto exchange outlined plans on its website to raise 0 million to purchase bitcoin and repay their hack’s victims. 

According to DMM Bitcoin’s website, all clients who held Bitcoin (BTC) during the hack will be guaranteed a refund from what is described as “group companies.” 

“As initially reported, we will guarantee all of the Bitcoin (BTC) held by customers by obtaining support from group companies to replace the amount of Bitcoin (BTC) that was leaked,” the website read.

DMM Bitcoin obtained a 5 billion yen loan on June 3 and is set to raise an additional 48 billion yen on June 7 through a “capital increase.” Details of this “increase” were not disclosed on the website. Additionally, the company plans to add 2 billion yen through subordinated loans on June 10, as stated in the announcement.

DMM Bitcoin stated that all these loans and fundraising efforts will not affect the overall pricing of the BTC market and they did not provide any further details on the hack but promised a full investigation.

“We are currently continuing our investigation into the cause of the unauthorized disclosure. We will provide a follow-up update as soon as details are known,” the website read.

Hack details

The exchange suffered a hack on May 31, losing more than 4,500 Bitcoin (BTC) worth around 8 million. That BTC would currently be worth 9 million. 

The company claimed all the BTC was “leaked” from customers’ wallets and promised a full reimbursement. The hacker split up the stolen bitcoin across 10 wallets in batches of 500 BTC. 

The company initially claimed that it could issue full refunds due to compliance with Japanese regulations, which require virtual asset service providers to manage corporate liquidity separately from user funds. 

Tổng hợp và chỉnh sửa: ThS Phạm Mạnh Cường
Theo Crypto News